search cancel

Your Application Detection configurations are showing sync failure status

book

Article ID: 171427

calendar_today

Updated On:

Products

Data Loss Prevention Cloud Detection Service Data Loss Prevention Cloud Detection Service for REST Data Loss Prevention

Issue/Introduction

After one or more entries for Application Detection has been configured in the Enforce Server web console, the sync status in the list of configured applications shows "Sync Failure".

Environment

DLP version 15 or above, with a Cloud Detection Server enrolled, connecting to the Elastica CASB CloudSOC.

Cause

In this case, the Cloud Detection Server is configured correctly, but there is some issue on the Elastica CloudSOC CDS connection which is preventing successful sync with DLP.

 

Resolution

Login to your Elastica CASB CloudSOC tenant, and look for the "gear" icon in the upper right of the screen:

From the new Settings column on the left, choose "Data Loss Prevention", and the registered DLP Detector will appear.

There are 4 options under the "Actions" section of that configuration. The 3rd option is regarding the "Activation" of the appliance, as is shown in this screenshot from the "Provisioning Symantec DLP Cloud Detection Service in CloudSOC" documentation:

  1. Click once to De-Activate the appliance, then save the configuration.
  2. Click again to Activate the appliance, then save the configuration.
  3. Click again to Connect the appliance, then save the configuration.

As per the column to the left, the "Status" of the DLP Appliance should be green after this is performed (note - it may have shown as green previously, but the steps above should still be taken).

Again, as per the Elastica CASB documentation:

Important - it is not necessary to remove the DLP Appliance (first option under "Actions", given by an "X" icon). If that step is taken by mistake, you will need to contact Technical Support, to have the DLP Cloud Operations and Elastica CASB teams reset the DLP appliance and Elastica CASB hosted systems before you can re-register it successfully.

Once reset has been completed in CloudSOC -

  1. Return to DLP Enforce Console and click on "Sync to CloudSOC" again
  2. If this reset process was successful in approx 2 to 3 minutes you should see "Sync Successful" similar to screenshot below

 

Additional Information

This is different from the issue described in related article Application Detection never changes "Sync Pending" status (broadcom.com), where the sync status remains at "Pending" and never goes to "Failure".

Attachments